authordavidben@chromium.org <davidben@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2014-03-18 15:44:05 +0000
committerdavidben@chromium.org <davidben@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2014-03-18 15:44:05 +0000
commitb4a916070db5632e52244479ffd5bc717296b8d9 (patch)
treec3c8b16efac6fcc39950f343f4ad5923971a4f3d /net/http/http_log_util.cc
parent7aa5fe5abe8ee6c59f4a0ad8e5cac1701c4c9af2 (diff)
Allow removing private data in chrome://net-export.
This introduces a new LogLevel, LOG_STRIP_PRIVATE_DATA, which callbacks within the network stack check to decide whether or not to report redacted data. Unfortunately, this involves duplicating the net-internals implementation, but that implementation isn't easily reusable given chrome://net-export's constraints. Plumb this state through net-export and adjust the UI and state machine accordingly. Add various tests. This also moves HttpAuth::ChallengeTokenizer to HttpUtil::ChallengeTokenizer as some of the redaction logic reuses the parser. This avoids giving everything a dependency on HttpAuth. BUG=349502 Review URL: https://codereview.chromium.org/182523006 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@257645 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/http/http_log_util.cc')
-rw-r--r--net/http/http_log_util.cc81
1 files changed, 81 insertions, 0 deletions
diff --git a/net/http/http_log_util.cc b/net/http/http_log_util.cc
new file mode 100644
index 0000000..ab6ebda
--- /dev/null
+++ b/net/http/http_log_util.cc
@@ -0,0 +1,81 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "net/http/http_log_util.h"
+
+#include "base/strings/string_util.h"
+#include "base/strings/stringprintf.h"
+#include "net/http/http_auth_challenge_tokenizer.h"
+
+namespace net {
+
+namespace {
+
+bool ShouldRedactChallenge(HttpAuthChallengeTokenizer* challenge) {
+ // Ignore lines with commas, as they may contain lists of schemes, and
+ // the information we want to hide is Base64 encoded, so has no commas.
+ if (challenge->challenge_text().find(',') != std::string::npos)
+ return false;
+
+ std::string scheme = StringToLowerASCII(challenge->scheme());
+ // Invalid input.
+ if (scheme.empty())
+ return false;
+
+ // Ignore Basic and Digest authentication challenges, as they contain
+ // public information.
+ if (scheme == "basic" || scheme == "digest")
+ return false;
+
+ return true;
+}
+
+} // namespace
+
+std::string ElideHeaderValueForNetLog(NetLog::LogLevel log_level,
+ const std::string& header,
+ const std::string& value) {
+#if defined(SPDY_PROXY_AUTH_ORIGIN)
+ if (!base::strcasecmp(header.c_str(), "proxy-authorization") ||
+ !base::strcasecmp(header.c_str(), "proxy-authenticate")) {
+ return "[elided]";
+ }
+#endif
+
+ if (log_level < NetLog::LOG_STRIP_PRIVATE_DATA)
+ return value;
+
+ // Note: this logic should be kept in sync with stripCookiesAndLoginInfo in
+ // chrome/browser/resources/net_internals/log_view_painter.js.
+
+ std::string::const_iterator redact_begin = value.begin();
+ std::string::const_iterator redact_end = value.begin();
+ if (!base::strcasecmp(header.c_str(), "set-cookie") ||
+ !base::strcasecmp(header.c_str(), "set-cookie2") ||
+ !base::strcasecmp(header.c_str(), "cookie") ||
+ !base::strcasecmp(header.c_str(), "authorization") ||
+ !base::strcasecmp(header.c_str(), "proxy-authorization")) {
+ redact_begin = value.begin();
+ redact_end = value.end();
+ } else if (!base::strcasecmp(header.c_str(), "www-authenticate") ||
+ !base::strcasecmp(header.c_str(), "proxy-authenticate")) {
+ // Look for authentication information from data received from the server in
+ // multi-round Negotiate authentication.
+ HttpAuthChallengeTokenizer challenge(value.begin(), value.end());
+ if (ShouldRedactChallenge(&challenge)) {
+ redact_begin = challenge.params_begin();
+ redact_end = challenge.params_end();
+ }
+ }
+
+ if (redact_begin == redact_end)
+ return value;
+
+ return std::string(value.begin(), redact_begin) +
+ base::StringPrintf("[%ld bytes were stripped]",
+ static_cast<long>(redact_end - redact_begin)) +
+ std::string(redact_end, value.end());
+}
+
+} // namespace net
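Review bot: ShouldRedactChallenge fails open on any value that contains a comma: the early `return false` runs before the scheme is examined, so a `www-authenticate` or `proxy-authenticate` value that carries a Negotiate token alongside a second challenge on the same line would be logged in full even at `LOG_STRIP_PRIVATE_DATA`. Whether comma-joined header lines can reach ElideHeaderValueForNetLog is not visible in this file, so the comment above that check should at least state the trade-off, for example `// Fails open: a comma-joined value is logged unredacted, so a token sharing a line with another challenge is not stripped.`, and a test should pin that case. Separately, `log_level < NetLog::LOG_STRIP_PRIVATE_DATA` depends on the numeric order of the LogLevel enum, which is declared outside this diff; a one-line comment naming that assumption would keep a later reordering of the enum from silently turning redaction off.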